Continuing a series of blog posts with ADDS installation and configuration, how to setup OUs, Security groups and how to join all installed VMs to the AD domain. To remind you, below is the picture with all VMs on the laptop.

As we can assume, on the DC01 I’ll install ADDS role. Installation of ADDS is pretty stride forward.

Here we are done with a initial installation of Active Directory. Before we go further I’d like to mention one big important things, that is Time synchronization integration service and how to setup Time Server on the Domain Controller.

Uncheck Time synchronization under DC vm Settings.

then follow instructions how to configure an authoritative time server, on this link or you can follow instructions below. My recommendation is to use an external time source and fix to yourself.”Let me fix it myself

To configure an internal time server to synchronize with an external time source, follow these steps:

In the pane on the right, right-click AnnounceFlags, and then click Modify.

In Edit DWORD Value, type 5 in the Value data box, and then click OK.

If an authoritative time server that is configured to use an AnnounceFlag value of 0x5 does not synchronize with an upstream time server, a client server may not correctly synchronize with the authoritative time server when the time synchronization between the authoritative time server and the upstream time server resumes. Therefore, if you have a poor network connection or other concerns that may cause time synchronization failure of the authoritative server to an upstream server, set the AnnounceFlag value to 0xA instead of to 0x5.

If an authoritative time server that is configured to use an AnnounceFlag value of 0x5 and to synchronize with an upstream time server at a fixed interval that is specified in SpecialPollInterval, a client server may not correctly synchronize with the authoritative time server after the authoritative time server restarts. Therefore, if you configure your authoritative time server to synchronize with an upstream NTP server at a fixed interval that is specified in SpecialPollInterval, set the AnnounceFlag value to 0xA instead of 0x5.

In the pane on the right, right-click NtpServer, and then click Modify.

In Edit Value, type Peers in the Value data box, and then click OK.

NotePeers is a placeholder for a space-delimited list of peers from which your computer obtains time stamps. Each DNS name that is listed must be unique. You must append ,0x1 to the end of each DNS name. If you do not append ,0x1 to the end of each DNS name, the changes that you make in step 5 will not take effect.

In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.

Note

TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend on the poll interval, network condition, and external time source.

The default value of MaxPosPhaseCorrection is 48 hours in Windows Server 2008 R2 or later.

In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.

TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend on the poll interval, network condition, and external time source.

The default value of MaxNegPhaseCorrection is 48 hours in Windows Server 2008 R2 or later.

7. Close Registry Editor.

8. At the command prompt, type the following command to restart the Windows Time service, and then press Enter:

net stop w32time && net start w32time

Next step is preparation of Active Directory Users and Computers. As you can see on the pictures below, I’ve created few additional Organizational Units, Groups and Users as well.

On this Domain Controller I have installed DNS and DHCP too!

The next step is joining all virtual machines what I’ve installed to the domain. We have two possibility for that, one by one or with a PowerShell all together. I chose PowerShell.

Your email address will not be published. Required fields are marked *

Name *

Email *

Website

Comment

Follow Me

Microsoft MVP Profile

Microsoft Community Contributor

Sponsor – Altaro

Sponsor – Vembu

Microsoft Community Croatia

Microsoft Virtual Academy

Publications

Thanks for Visiting

Copyright Warning

Bear in mind that all material is copyrighted by me or by its respective owners. To use any of it, full or in part, you must contact me or owner of the material. You may quote few paragraphs from this blog only if you link to the original blog post.